{"id":5529,"date":"2014-05-13T13:00:37","date_gmt":"2014-05-13T17:00:37","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=5529"},"modified":"2014-05-13T13:00:37","modified_gmt":"2014-05-13T17:00:37","slug":"avast-websites-loaded-with-pc-locking-ransomware-visited-millions-of-times-each-week","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/05\/13\/avast-websites-loaded-with-pc-locking-ransomware-visited-millions-of-times-each-week\/","title":{"rendered":"Avast: Websites loaded with PC-locking ransomware visited millions of times each week"},"content":{"rendered":"

<\/a><\/p>\n

Fresh statistics from the maker of a widely used free security product show the extent to which users are encountering file-encrypting malware known as ransomware.<\/p>\n

On Monday, Prague-based Avast said that over the past six weeks, users of its security products landed on websites hosting ransomware more than 18 million times. The company estimates 200 million Windows, Mac and Android devices have its software installed.<\/p>\n

\u201cBrowser ransomware is making a huge impact on Avast users in France, most of North America, some of the Nordic countries, and Australia,\u201d wrote Jan Sirmer, senior virus analyst, on a company blog.<\/p>\n

Avast isn\u2019t the only security company to notice an alarming uptick in ransomware attacks. Symantec and Microsoft have warned that such attacks from malware families such as Reveton, Crilock and Cryptolocker are increasingly prevalent and leave users helpless unless their files are backed up.<\/p>\n

<\/a><\/p>\n

ransomware Microsoft’s Security Intelligence Report Vol. 16<\/p>\n

Examples of ransomware.<\/p>\n

Sirmer wrote that Avast\u2019s software has stopped more than 500,000 attacks in under three months. He wrote that in just the past day or so, his company\u2019s software stopped 18,000 users from being redirected to websites hosting ransomware.<\/p>\n

The attackers constantly change the domains that host such malware. Sirmer wrote that a new domain hosting ransomware is created every 10 minutes.<\/p>\n

\u201cThese days the malicious domains are hosted on 117 different IP addresses,\u201d Sirmer wrote. \u201cThese IP addresses are distributed around the world from Austria to Brazil to Canada.\u201d<\/p>\n

Some of the most affected users are in North America, Poland, Italy, Canada, South America, Russia and some countries in Africa.<\/p>\n

The scammers often demand payment in bitcoin or Web-based money services to receive the key to decrypt the files. Sometimes, victims pay and do not even receive the decryption key.<\/p>\n

To create a stronger incentive for victims to pay, the ransomware software will sometimes display a message falsely purporting to be from a law enforcement agency warning that the computer has been used for some illegal activity.<\/p>\n

A sure-fire way to avoid problems with ransomware is to ensure files are regularly backed up. The computer\u2019s operating system can be erased and reinstalled to wipe malware from the system.<\/p>\n

via Avast: Websites loaded with PC-locking ransomware visited millions of times each week | PCWorld<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Fresh statistics from the maker of a widely used free security product show the extent to which users are encountering […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,9],"tags":[113,655,887],"class_list":["post-5529","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-avast","tag-malware","tag-ransomeware"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1rb","jetpack-related-posts":[{"id":2939,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/15\/ransomware-targets-smaller-businesses-security-ceo-warns\/","url_meta":{"origin":5529,"position":0},"title":"Ransomware targets smaller businesses, security CEO warns","author":"NCCT","date":"July 15, 2013","format":false,"excerpt":"Trending cyber attacks such as ransomware may be typically overlooked by small and midsize businesses, but the CEO of security firm Lumension warns that they are actually in the line of fire. Pat Clawson, LumensionPat Clawson Around the world, ransomware has been proved to be effective in midsized business environments\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8721,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/11\/05\/nasty-new-ransomware-program-threatens-to-leak-your-files-online\/","url_meta":{"origin":5529,"position":1},"title":"Nasty new ransomware program threatens to leak your files online","author":"NCCT","date":"November 5, 2015","format":false,"excerpt":"Lucian Constantin | PCWorld Ransomware creators have taken their extortion one step further: in addition to encrypting people\u2019s private files and asking for money before releasing a key, they now threaten to publish those files on the Internet if they\u2019re not paid. This worrying development has recently been observed in\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8920,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/05\/17\/8920\/","url_meta":{"origin":5529,"position":2},"title":"Tech support scammers now utilizing ransomware-like lock screens to threaten people","author":"NCCT","date":"May 17, 2016","format":false,"excerpt":"By Justin Luna | Neowin Some of us may be very well aware of the classic tech support scam stories, where a man randomly calls people, and informs them that they are from \"Windows company\" and that the call recipient's computer has been detected full of viruses. These cold callers\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9168,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/05\/21\/fix-for-wannacry\/","url_meta":{"origin":5529,"position":3},"title":"Fix for WannaCry","author":"NCCT","date":"May 21, 2017","format":false,"excerpt":"https:\/\/www.youtube.com\/watch?v=Llf04BW5v3A Megan Morrone talks to Iain Thomson about a possible fix for those infected with the Wannacry ransomware. Researchers have found a fix to unlock affected computers. The tool called wannakiwi allows you to avoid paying the bitcoin ransom, but only if you're running Windows XP, Windows 7, and Windows\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/Llf04BW5v3A\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9166,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/05\/15\/this-week-in-tech-614-46-at-the-piggly-wiggly\/","url_meta":{"origin":5529,"position":4},"title":"This Week in Tech 614: $46 at the Piggly Wiggly","author":"NCCT","date":"May 15, 2017","format":false,"excerpt":"https:\/\/www.youtube.com\/watch?v=d3Br2lZcce0 The WannaCry ransomware attack is far from over. Amazon introduces the Echo Show - will the touchscreen voice assistant\/videophone flop? Microsoft announces their own voice assistant, the Cortana Speaker. The US plans to ban laptops on flights from Europe. Comcast and Charter agree not to compete on wireless. Russian\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/d3Br2lZcce0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":7570,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/05\/malicious-advertisements-on-major-sites-compromised-many-many-pcs\/","url_meta":{"origin":5529,"position":5},"title":"Malicious advertisements on major sites compromised many, many PCs","author":"NCCT","date":"February 5, 2015","format":false,"excerpt":"Attackers who have slipped malicious advertisements onto major websites over the last month have potentially compromised large numbers of computers. Several security vendors have documented attacks involving malicious advertisements, which automatically redirect victims to other websites or pages that silently attack their computer and install malware. \u201cWe certainly see malvertising\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5529","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=5529"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5529\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=5529"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=5529"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=5529"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}